Configure administrator-defined forgotten password questions

We can enable forgotten password settings for challenge response authentication.

An administrator sets up password challenges for users, which the users must complete before recovering their lost password. When a user answers the administrator-defined challenges successfully, different options are available to receive the new password. To set the right configuration of password recovery, you must complete these steps.

1. From the navigation tree, select Set System Security > Configure Forgotten Password Settings.

2. On the Configure Forgotten Password Settings page, complete these steps:
   1. Select the Enable forgotten password authentication check box.
   2. Under the Login Behavior field, select one of the following login options.
      • Click Reset and e-mail password if you want the system to reset the password and email the password to the user after they successfully answer the challenge response questions. Optionally type in a message the user receives if the user fails to enter the correct answers. Type an email address to which the message is sent.
      • Click Email user a link to change password if we want the system to send an email to the user with the link to change the password. A user can click the link in an email that prompts the user to change the password. This option is set to default in the Identity Service Center when you access it through the virtual appliance.
        • The Email user a link to change password configuration option is effective only when a user initiates the forgot password flow through the Identity Service Center.
        • If a user initiates the forgot password flow through the Self-service user interface, the system prompts the user to change the password and then logs in the user to the system.
   3. Click OK to save your changes.

3. On the Success page, click Close.

Parent topic: Enabling forgotten password authentication